Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Cisco Stealthwatch

Scalable visibility and security analytics across your business

Outsmart emerging threats in your digital business with industry-leading machine learning and behavioral modeling. Know who is on the network and what they are doing using telemetry from your network infrastructure. Detect advanced threats and respond to them quickly. Protect critical data with smarter network segmentation. And do it all with an agentless solution that grows with your business.

Get Gartner report on network detection and response

Learn how Cisco Stealthwatch meets the key capabilities required in a network detection and response solution, including the analysis of encrypted traffic.

SecureX platform and traffic analytics

The Cisco SecureX platform brings together the best of our broad and integrated security technologies, including traffic analytics for advanced threat detection and response.

Network traffic analysis: Why you need it

Learn what to look for in a network traffic analysis solution and the six capabilities you can't live without. Hear from Jon Oltsik about research conducted by Enterprise Strategy Group.

Features and benefits

Get comprehensive visibility and analytics (PDF)

Detect attacks across the dynamic network with high-fidelity alerts enriched with context such as user, device, location, timestamp,and application. Analyze encrypted traffic for threats and compliance, without decryption.

Speed up incident response (PDF)

Quickly detect unknown malware, insider threats like data exfiltration, policy violations, and other sophisticated attacks using advanced analytics. Store telemetry data for long periods for forensic analysis. 

Simplify network segmentation

Define smarter segmentation policies without disrupting the business. Create alerts customized to your organization to detect any unauthorized access and to ensure compliance. Use the Stealthwatch integration with Cisco Identity Services Engine (ISE) to enforce policies and contain threats.

Get SaaS-based visibility and threat detection across all major public cloud platforms without software agents with Stealthwatch Cloud.

Secure remote workforce and optimize resources

With the recent transition in the way employees are connecting to the network, it's more important than ever to use visibility and security analytics to secure organizations and implement capacity planning for uptime.

Flexible deployment options to provide visibility everywhere

Stealthwatch Enterprise

  • On-premises data storage, granular tuning, SecOps and NetOps use cases, air-gapped networks
  • Hardware or virtual appliance
  • Priced by FPS (flows per second)

Stealthwatch Cloud (private network monitoring)

  • Simple deployment, automated tuning, SecOps and light NetOps use cases, also monitors Meraki and container environments
  • SaaS-based
  • Endpoint-based pricing

Stealthwatch Cloud (public cloud monitoring)

  • Suitable for all organizations using public cloud infrastructure like Amazon Web Services, Microsoft Azure, Google Cloud Platform, and serverless environments
  • SaaS-based
  • Usage-based pricing determined by volume of log data

Agentless, scalable, and integrated security

Cisco Stealthwatch is the most comprehensive visibility and network traffic analysis (NTA)/ network detection and response (NDR) solution that uses enterprise telemetry from the existing network infrastructure. It provides advanced threat detection, accelerated threat response, and simplified network segmentation using multilayer machine learning and entity modeling. With advanced behavioral analytics, you will always know who is on your network and what they are doing.

A single, agentless solution allows visibility across the extended network, from on-premises to the cloud. And with Encrypted Traffic Analytics, it is the only solution that can detect malware in encrypted traffic and ensure policy compliance, without decryption. Now, with the Cisco SecureX platform, you can extend the value of Stealthwatch even further, from the network and cloud to endpoints, applications, and more.

Hybrid and multicloud security

Stealthwatch is the only solution that detects threats across your private network, public clouds, and even in encrypted traffic.

Secure your cloud in Microsoft Azure

Reduce costs and complexity while securing your cloud environment in Azure.

A new approach to AWS security

Dynamic environments such as Amazon Web Services (AWS) need a rethinking of security.

Security for Google Cloud

In as little as 10 minutes, secure your Google Cloud Platform environments.

Training and services

Optimize your Stealthwatch deployment with training, services, and support.

Product training

Get the most out of Stealthwatch. Use the learning opportunities available to you from the Stealthwatch Customer Success Learning Services team.

Professional services

Work with the Professional Services team to optimize your Stealthwatch deployment and meet specific business needs. 

Customer support

Get assistance from our 24-hour Customer Support team to implement, troubleshoot, and maintain Stealthwatch.

Accelerate time to value

Enhance your user experience throughout the product lifecycle with Stealthwatch Services.

Engage, learn, and expand your knowledge

The Stealthwatch Information Hub is your one-stop shop for dedicated Stealthwatch content.

Visit the Stealthwatch community

Join your peers and Cisco experts in the Cisco Stealthwatch community. Get valuable resources, ask questions, and share your expertise.


The Security Choice Enterprise Agreement has never been so flexible. It's easy to manage to help you respond faster to security challenges.

For partners

Are you a Cisco partner?  Log in to see additional resources.

Looking for a solution from a Cisco partner? Connect with our security technical alliance partners.